From: D B. <ba...@aw...> - 2018-04-19 16:49:53
Hi,

I'm trying to have multiple SAML service providers authenticate against unity (v2.4.1) as the IDP. The relevant config file looks like this:

unity.saml.issuerURI=http://unity
unity.saml.credential=PORTAL
unity.saml.defaultGroup=/A
unity.saml.spAcceptPolicy=validRequester
unity.saml.acceptedSPMetadataSource.portal.url=file:///etc/unity-idm/portal-metadata_fed.xml
unity.saml.acceptedSPMetadataSource.simpleSAMLphp.url=file:///etc/unity-idm/simpleSAMLphp_fed.xml
unity.saml.signResponses=asRequest
unity.saml.translationProfile=portalSAMLOutputProfile
unity.saml.skipConsent=true
unity.saml.userCanEditConsent=false
unity.endpoint.web.autoLogin=true

However, if I try to log in to the portal SP, I get this error:

ERROR
SAML service got an invalid request.
If you are a user then you can be sure that the web application you was using previously is either misconfigured or buggy.
If you are an administrator or developer, here the details of the error follows:
eu.unicore.samly2.exceptions.SAMLRequesterException: Issuer is not among trusted: portal
Caused by: eu.unicore.samly2.exceptions.SAMLRequesterException: Issuer is not among trusted: portal

So it seems I can't configure two SPs in this way, is that right? Is the only way to configure two SPs to copy-paste their xml config into the same metadata xml file together?

Cheers,
D.
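An added diagnostic example, not part of the original post and not Unity's own code: it lists the SP `entityID` values declared in each SAML metadata document so they can be compared with the issuer named in the error above. It assumes the request issuer is compared as an exact string with `entityID`; the function names, sample metadata and example.org URLs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"  # SAML 2.0 metadata namespace
PROTO = "urn:oasis:names:tc:SAML:2.0:protocol"


def sp_entity_ids(metadata_xml):
    """Return the entityID of every entity that carries an SPSSODescriptor."""
    root = ET.fromstring(metadata_xml)
    ids = []
    # iter() also yields the root, so a lone EntityDescriptor and an
    # EntitiesDescriptor wrapper (even a nested one) are both handled.
    for entity in root.iter(f"{{{MD_NS}}}EntityDescriptor"):
        if entity.find(f"{{{MD_NS}}}SPSSODescriptor") is not None:
            ids.append(entity.get("entityID"))
    return ids


def find_issuer(issuer, sources):
    """Map each metadata source name to True if it declares `issuer` as an SP.

    Comparison is exact and case-sensitive (assumption stated in the lead-in).
    """
    return {name: issuer in sp_entity_ids(xml) for name, xml in sources.items()}


# Constructed sample metadata, keyed by the source names used in the config.
SAMPLE_SOURCES = {
    "portal": f"""<EntityDescriptor xmlns="{MD_NS}"
        entityID="https://portal.example.org/sp">
      <SPSSODescriptor protocolSupportEnumeration="{PROTO}"/>
    </EntityDescriptor>""",
    "simpleSAMLphp": f"""<EntitiesDescriptor xmlns="{MD_NS}">
      <EntityDescriptor entityID="https://ssp.example.org/metadata">
        <SPSSODescriptor protocolSupportEnumeration="{PROTO}"/>
      </EntityDescriptor>
      <EntityDescriptor entityID="http://unity">
        <IDPSSODescriptor protocolSupportEnumeration="{PROTO}"/>
      </EntityDescriptor>
    </EntitiesDescriptor>""",
}

if __name__ == "__main__":
    # To check real files, replace the values with open(path).read().
    for name, xml in SAMPLE_SOURCES.items():
        print(name, sp_entity_ids(xml))
    print(find_issuer("portal", SAMPLE_SOURCES))
```

Only metadata files written by a trusted administrator should be fed to this parser, since it uses the standard-library XML reader without extra hardening.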